Файл: user/blacklist/index.php
Строк: 177
<?php
/* DCMS Special
* Дата последнего редактирования 16.01.2016
* Модифицировал densnet
*/
// Pull in the engine bootstrap files in this exact order; the loop variable $inc
// stays in global scope exactly as before.
foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user') as $inc) {
    require_once '../../sys/inc/' . $inc . '.php';
}
// Access gate defined in the includes above (presumably registered users only — confirm in fnc/user includes).
only_reg();
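// Step 1 of adding to the blacklist: resolve the submitted nick to a user id and
// redirect to ?add=<id>, where the reason/duration form is shown.
//
// NOTE(review): `mdp` is the account's stored `pass` value, round-tripped through a
// hidden form field, so the password hash doubles as the anti-CSRF token and is
// present in every rendered form. A per-session random token would avoid exposing
// it; that needs a matching change in the forms that emit `mdp`.
if (
    isset($_POST['add_w'], $_POST['nick'], $_POST['mdp'])
    && is_string($_POST['nick'])
    && is_string($_POST['mdp'])
    // Strict comparison: `==` lets numeric-looking strings (e.g. "0e...") compare equal.
    && $_POST['mdp'] === (string) $user['pass']
) {
    // htmlspecialchars() is kept so the lookup value has the same form as before, but
    // by default it leaves single quotes untouched, so it is not an SQL escape.
    // mysql_real_escape_string() is what keeps the nick inside the quoted literal.
    $nick = mysql_real_escape_string(htmlspecialchars($_POST['nick']));
    $ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `nick` = '$nick'"));
    // Unknown nick -> id 0, which the ?add= branch reports as "user not found".
    header('Location:?add=' . ($ank ? intval($ank['id']) : 0));
    exit;
}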
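if (isset($_GET['add'])) {
    // ?add=<user id>: show the "add to blacklist" form and handle its submission.
    $set['title'] = lang("Чёрный список - Добавление");
    require_once H . 'sys/inc/thead.php';
    aut();
    $ank = get_user(intval($_GET['add']));
    if (!$ank || $ank['id'] == 0) {
        echo "<div class='alert alert-danger'>" . lang('Пользователь не обнаружен') . "!</div>";
        require_once H . 'sys/inc/tfoot.php';
        exit;
    }
    if ($ank['id'] == $user['id']) {
        echo "<div class = 'alert alert-danger'>" . lang('Нельзя добавлять себя в свой Чёрный список') . "</div>";
        require_once H . 'sys/inc/tfoot.php';
        exit;
    }
    // Already blacklisted: go to the existing entry instead of inserting a duplicate.
    // One fetch replaces the former COUNT(*) + SELECT pair.
    $existing = mysql_fetch_array(mysql_query("SELECT * FROM `user_blacklist` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]'"));
    if ($existing) {
        header("Location:?id=$existing[id]");
        exit;
    }
    // NOTE(review): `mdp` carries the stored `pass` value as the anti-CSRF token (see
    // the hidden field below). Strict comparison stops numeric-looking strings such as
    // "0e..." from comparing equal under `==`.
    if (
        isset($_POST['ok'], $_POST['msg'], $_POST['mdp'])
        && is_string($_POST['msg'])
        && is_string($_POST['mdp'])
        && $_POST['mdp'] === (string) $user['pass']
    ) {
        $msgLength = utf8_strlen($_POST['msg']);
        if ($msgLength < 1) {
            $err[] = lang('Укажите причину');
        }
        if ($msgLength > 200) {
            $err[] = lang('Причина слишком длинная');
        }
        // Accept only the exact option values the form offers; a missing or
        // non-string time_to is treated as invalid instead of raising a notice.
        $tt = (isset($_POST['time_to']) && is_string($_POST['time_to'])) ? $_POST['time_to'] : '';
        if ($tt === 'forever') {
            $forever = 1;
        } elseif (in_array($tt, array('1', '6', '24', '120'), true)) {
            // Duration is given in hours; $time is the current timestamp set by the includes.
            $time_to = $time + ((int) $tt * 3600);
        } else {
            $err[] = lang('Техническая ошибка');
        }
        if (!isset($err)) {
            mysql_query("INSERT INTO `user_blacklist` SET `id_user` = '$user[id]', `id_ank` = '$ank[id]', `time` = '$time', `msg` = '" . mysql_real_escape_string($_POST['msg']) . "'" . (isset($forever) ? ", `forever` = '1'" : ", `time_to` = '$time_to'") . "");
            header("Location:?");
            // Stop here: without this the form below was still rendered after the redirect.
            exit;
        }
    }
    err();
    # Navigation
    // NOTE(review): nick values are echoed without escaping in this branch; that is only
    // safe if nicks are constrained at registration or stored pre-escaped — confirm.
    echo "<div class='card-header'>";
    echo "<a href='/' data-toggle='tooltip' data-placement='right' title='" . lang('На главную') . "'><i class='fa fa-home fa-lg'></i></a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "<a href='/info.php?id=$user[id]'>$user[nick]</a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "<a href='/user/blacklist/'>" . lang('Черный список') . "</a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "$ank[nick]";
    echo "</div>";
    echo "<form class = 'list-group-item' name = 'black' method = 'POST' action = '?add=$ank[id]'>";
    echo "<b>" . lang('Пользователь') . "</b> ";
    echo gradient("$ank[nick] ", "$ank[ncolor]", "$ank[ncolor2]");
    echo "<br />";
    echo lang('Причина') . "<br />";
    // NOTE(review): this writes the stored `pass` value into the page source as the form
    // token. Anything able to read the rendered HTML obtains the password hash; replace
    // with a random per-session token together with the check above.
    echo "<input type = 'hidden' name = 'mdp' value = '$user[pass]'/>";
    echo "<textarea class='form-control' rows='3' name='msg'></textarea>";
    echo lang('Срок') . "<br />";
    echo "<select class='form-control' name='time_to'>";
    echo "<option value='1' selected='selected'>1 ч.</option>";
    echo "<option value='6'>6 ч.</option>";
    echo "<option value='24'>24 ч.</option>";
    echo "<option value='120'>120 ч.</option>";
    echo "<option value='forever'>" . lang('Навсегда') . "</option>";
    echo "</select><br />";
    $doc->Button('btn btn-success btn-sm', 'ok', 'save', 'Сохранить');
    echo "</form>";
    $doc->Link('list-group-item', "/info.php?id=$ank[id]", 'arrow-left', "$ank[nick]");
    require_once H . 'sys/inc/tfoot.php';
    exit;
} elseif (isset($_GET['del']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user_blacklist` WHERE `id` = '" . intval($_GET['del']) . "' AND `id_user` = '$user[id]'"), 0) != 0) {
    // ?del=<entry id>: remove one of the current user's own entries. The `id_user`
    // condition keeps a user from deleting another user's entry.
    // NOTE(review): this state change runs on a plain GET with no token, unlike the
    // POST handlers above; moving it to POST with a token would need the delete links
    // that point here to change as well.
    mysql_query("DELETE FROM `user_blacklist` WHERE `id` = '" . intval($_GET['del']) . "' AND `id_user` = '$user[id]'");
    header("Location:?");
    exit;
} elseif (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user_blacklist` WHERE `id` = '" . intval($_GET['id']) . "' AND `id_user` = '$user[id]'"), 0) != 0) {
    // ?id=<entry id>: details of one of the current user's own blacklist entries.
    $set['title'] = lang("Чёрный список");
    require_once H . 'sys/inc/thead.php';
    aut();
    $id = mysql_fetch_array(mysql_query("SELECT * FROM `user_blacklist` WHERE `id` = '" . intval($_GET['id']) . "' AND `id_user` = '$user[id]'"));
    $ank = get_user($id['id_ank']);
    // Seconds left until the entry's time_to; shown only when the entry is not permanent.
    $tt = $id['time_to'] - TIME;
    # Navigation
    echo "<div class='card-header'>";
    echo "<a href='/' data-toggle='tooltip' data-placement='right' title='" . lang('На главную') . "'><i class='fa fa-home fa-lg'></i></a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "<a href='/info.php?id=$user[id]'>$user[nick]</a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "<a href='/user/blacklist/'>" . lang('Черный список') . "</a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "$ank[nick]";
    echo "</div>";
    echo "<div class='list-group-item'>";
    echo lang('Пользователь') . ": ";
    echo gradient("$ank[nick] ", "$ank[ncolor]", "$ank[ncolor2]");
    echo "<br/>";
    echo "<a style='float:right;' href='?del=$id[id]' title = '" . lang('Удалить из списка') . "'><i class='fa fa-trash-o fa-fw'></i></a>";
    // The stored reason is user-supplied text; it goes through toOutput() before display.
    echo lang('Причина') . ": " . toOutput($id['msg']) . "<br />";
    echo ($id['forever'] == 0 ? "" . lang('Осталось') . ": $tt " . lang('сек') . "" : " " . lang('Заблокирован навсегда') . "") . "<br/>";
    echo "</div>";
    require_once H . 'sys/inc/tfoot.php';
    exit;
}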
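// Default view: "add by nick" form followed by the paginated list of the current
// user's blacklist entries.
$set['title'] = lang("Чёрный список");
require_once H . 'sys/inc/thead.php';
aut();
# Navigation
echo "<div class='card-header'>";
echo "<a href='/' data-toggle='tooltip' data-placement='right' title='" . lang('На главную') . "'><i class='fa fa-home fa-lg'></i></a> <i class='fa fa-angle-right fa-fw'></i> ";
echo "<a href='/info.php?id=$user[id]'>$user[nick]</a> <i class='fa fa-angle-right fa-fw'></i> ";
echo lang('Черный список');
echo "</div>";
echo "<form class = 'list-group-item' method = 'post'>";
echo lang('Введите логин пользователя, которого хотите добавить') . "<br/>";
// NOTE(review): this writes the stored `pass` value into the page source as the form
// token. Anything able to read the rendered HTML obtains the password hash; a random
// per-session token would avoid that, but the handler that checks `mdp` must change with it.
echo "<input type='hidden' name='mdp' value='$user[pass]' />";
echo "<input class='form-control' style='width: 50%;' type='text' name='nick' value='' /><br />";
$doc->Button('btn btn-success btn-sm', 'add_w', 'user-plus', 'Внести в список');
echo "</form>";
// Pagination: total entries -> page count -> current page -> LIMIT offset.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `user_blacklist` WHERE `id_user` = '$user[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
// NOTE(review): $start and $set[p_str] go into LIMIT unquoted; presumably both are
// integers produced by page() and the settings include — confirm.
$q = mysql_query("SELECT * FROM `user_blacklist` WHERE `id_user` = '$user[id]' ORDER BY `time` ASC LIMIT $start, $set[p_str]");
if ($k_post == 0) {
    $doc->NoResult();
}
while ($post = mysql_fetch_array($q)) {
    // One extra lookup per row to get the blacklisted user's nick and colours.
    $an = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_ank]'"));
    echo "<div class='list-group-item-komm'>";
    echo "<table><tr><td class = 'icon14'>";
    avatar($an['id'], '35', 'border-radius: 2px;');
    echo "</td><td class='null'>";
    echo "<span style='float:right;' id='hides'><a href='?del=$post[id]' title='" . lang('Удалить из списка') . "'><i class='fa fa-trash-o fa-fw'></i></a></span>";
    echo "<a href='?id=$post[id]'><b>";
    echo gradient("$an[nick] ", "$an[ncolor]", "$an[ncolor2]");
    echo "</b></a>";
    // Was "...</div>n": the lost backslash printed a literal "n" after every row.
    echo "</td></tr></table></div>\n";
}
if ($k_page > 1) {
    echo "<div class='list-group-item'>";
    str("?", $k_page, $page);
    echo "</div>";
}
require_once H . 'sys/inc/tfoot.php';
exit;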